Security and Risk Online: The rising threat of mobile malware

Cath's day was like any other - until she picked up her phone. It was dead except for a spinning penguin on its screen.

Her phone was locked and trapped inside was a year's worth of irreplaceable photos, messages, appointments and contacts.

For Cath this proved devastating: "I thought I had everything saved to the SIM, but that had been completely stripped of all information, photos, contacts, and texts. The photos in particular were the hardest loss to bear."

Sending her phone to her telco proved fruitless - they were unable to fix it. It wasn't a hardware failure. The only option that made any sense was malware, malicious software that is used to disrupt devices.

Mobile malware is becoming more commonplace both in New Zealand and overseas.

Mark Gorrie, Symantec's Australasian manager, said ransomware attacks (which sees PCs smartphones and other devices encrypted and locked until a fee gets paid) has increased by 163 per cent in the last 12 months.

Our part of the world is the third-most targeted region for ransomware attacks.

According to Symantec, cyber-crime is also growing. Identity thefts happen on average every two seconds.

Cybercrime affected 668 million people from 21 countries this year. Phishing attacks and other cyber-fraud cost US$126 billion globally last year.

Phones are increasingly targeted by cyber criminals as more people use them for online shopping.

The trouble is, it can difficult to tell if a website is genuine with a mobile browser and it can be easy to click an innocent-looking link or advert that then installs malware on your phone.

Vodafone offers six tips to avoid malware.

·         Only install applications from official app stores: If you own an Android device, you can set it to only allow authorised apps to be download from the Google Play store. Apple devices only allow apps from its store.

·         Do not jailbreak/root your device as this exposes it to threats.

·         Do not use the same username/passwords across all your apps or sites.

·         Ensure your device has a  password or PIN enabled. If it has a fingerprint scanner, use it

·         Keep the operating system up to date. Doing so ensures your device gets protected against any current vulnerabilities that could be exploited by malware.

·         Install mobile a security app (it'll detect and block malware) as well as a cloud-based photo app which will back up photos so they're not lost should your phone be stolen/broken or hacked.

One option as a security app is Symantec's latest version of Norton Mobile Security.

It can protect up to five devices so it should cover an entire household's PCs, smartphones and tablets.

The app offers basic malware protection at no cost but to get more advanced protection if you pay an annual fee of $99.

The free version includes antivirus/malware/spyware detection and removal, anti-theft capabilities, web protection plus call blocking.

The paid version features App Advisor which checks out apps installed on your phone and vets apps before you install them.

Online Security: ‘No refund if you lose money to cyber fraud through your fault’

Losing money to a cyber fraud may not earn you a refund from your bank if proven that you were at fault in the transaction, a consumer forum ruled recently.

The Additional Thane District Consumer Disputes Redressal Forum last week dismissed a complaint by a Navi Mumbai couple, stating that they had not taken due care in handling their bank account.

The couple had filed the complaint against a multi-national private bank, alleging that it was responsible for fraudulent transfer of money from their account. The complaint stated that the couple was deceived by a fraudster who used the bank’s name. When they brought this to the attention of the bank, they did not receive a positive response, which constituted a deficiency in service, they claimed.

According to the complaint, the couple, who had a joint NRI account, received text messages from the bank informing them of four withdrawals from their account, which they did not make. When they tried to log in to their account to change the user ID for Internet banking, they found the password changed. The couple immediately informed the bank and asked them to disable their net banking facility and debit card. A complaint too was made with the bank and an FIR lodged with the cyber cell of the Mumbai police and the local Rabale police station. The cyber police investigated and found who the money had been transferred to, the plea stated. The bank, however, did not give a positive response to their complaint, it added.

“On perusal of the complaint, it appears that the complainant received a mail allegedly from the opposite party and he clicked on the link mentioned in the said mail and furnished details about his user id and password and other details as were asked in the email. Thereafter, the fraudster carried out fraudulent transactions,” the order states.

“It is apparent that the complainant has not been diligent in his operations related to banking and has given his user id and password to the fraudster/hacker on his own. The opposite party, the bank, always reminded its customers never to share user id and passwords of their bank accounts with anyone to prevent any unauthorised access to bank accounts,” the forum states, adding that the complainant had therefore given up protection to his bank account by giving the details to the fraudster. The forum dismissed the plea stating it was not maintainable.

Tyre&Auto Southbourne Group: Properly taking care of your car is beneficial

Keeping the good condition of your car requires regular maintenance, and if repair is needed, it should be done correctly to make sure of the safety of everyone concerned. Tyre&Auto Southbourne Group suggests that you maintain the safety standards of your car and ensure that it is always in perfect running condition.

Knowing how to brake a car properly usually comes first before learning how to move it forward or backward, which indicates that a person should be responsible for his or her own protection as well as of other people. Tyre&Auto also views this as an essential aspect of driving a car.

The local residents of South Coast of Hampshire trust the automobile services of Tyre&Auto Southbourne Group – a family-operated company that has a great background in trading car accessories and parts. They offer services such as car servicing, tyres, brake checks, MOT’s and free seasonal tune-ups and check-ups.

Need quick tyre fitting? Tyre&Auto caters online transactions that can deliver fast tyre quotation. They can provide local collect and delivery of your car with high-quality maintenance and repair. How about an MOT test? Tyre&Auto also has it wherein it involves checking the safety of your car and the amount of exhaust emission.

The company also provides necessary assistance to your annual MOT certificate requirements through their regular reminders, which includes the due of your test, to ensure that you will renew your road tax and car insurance at the right time.

Ease, mobility, personal comfort as well as financial returns are some of the benefits of owning a car, but such vehicle can also provide emotional or psychological benefits to an individual or a family. With this in mind, Tyre&Auto Southbourne Group will continue to provide trustworthy services to their customers and will make sure that they will only deliver the best automobile services to them.

Online Security: Fraud detection firm outs $1b Russian ad-fraud gang and its robo-browsing Methbot

A $1 billion Russia-based criminal gang has been bilking online advertisers by impersonating high-profile Web sites like ESPN, Vogue, CBS Sports, Fox News and the Huffington Post and selling phony ad slots, but that’s about to end.

Online fraud-prevention firm White Ops is releasing data today that will enable online advertisers and ad marketplaces to block the efforts of the group, which is cashing in on its intimate knowledge of the automated infrastructure that controls the buying and selling of video ads.

The group has been ramping up its activities since October so that it now reaps roughly $3 million to $5 million per day from unsuspecting advertisers and gives them nothing in return, says White Ops, which discovered the first hints of the scam in September.

When someone clicks on a video that’s posted to a Web page, the video is often preceded by a short advertising video known as pre-roll. The pre-roll slot is sold realtime – within 100 milliseconds – via an automated auction. That click to request the video is what initiates the ad auction, and the browser directly receives the pre-roll from the advertiser that wins, says White Ops CEO Michael Tiffany.

The system relies on information provided by the browser to verify what site the browser user is visiting and that it actually receives the pre-roll ad. “The ecosystem believes what the browser says about what site you’re at,” he says.

Beware Methobot

The gang, which Tiffany calls AFT13, has created a robo-browser called Methbot that spoofs all the necessary interactions needed to initiate, carry out and complete the ad transactions. So Methbot contacts an ad exchange and says it needs a pre-roll for a video on Vogue.com, for example. The system runs an instant auction, settles on an ad and sends it to Methbot, which verifies that it received it and played it.

Then the advertiser pays the entity the website that the browser claimed to be visiting, but that entity resolves ultimately to AFK13, not to Voguecom, in this example, he says.

Beyond this, AFK13 spoofs the geolocation of the IP addresses that the Methbot servers use so it seems they are all owned by U.S. internet service providers. The proxy IP addresses mask the fact that Methbot traffic is generated by servers as opposed to individual personal computers generating legitimate traffic. It also hides that the servers are located in data centers in Dallas and Amsterdam.

This helps Methbot duck detection mechanisms that look for a few IP addresses that generate enormous volumes of requests Tiffany says, enabling AFK13 to sell 200 million to 300 million false ad impressions per day for 1.3 cents per view on average, White Ops says. The fraud network does its work from an estimated 800 to 1,000 nodes in its data centers and operates 24 hours per day, with a sales cycle of 5 seconds per impression.

Methbot further avoids detection by selling the ads on more than 6,000 domains representing about 250,000 URLs.

To pull this all off, AFK13 has amassed an impressive infrastructure that includes:

·         The servers that generate all the Methbot browser activity.

·         A bank of 500,000 IPv4 addresses (worth about $4 million if sold on the open market).

·         A means of registering those IP addresses so they appear to be allocated to U.S. ISPs.

·         Methbot software.

The software has been upgraded over the period that White Ops became aware of it, Tiffany says. For example, White Ops first caught on to the scam when it noted a small error in an HTTP header used by the group. One value, known as Cache-Control, contained a colon, which violated the specification for that value. Since then the error has been corrected.

White Op has been blocking Methbot traffic for its customers, but the only way to stop it entirely is to release the list of URLs indicative of Methbot, the IP addresses used by AFK13 and the list of publisher domains it forges.

Tiffany says White Ops has also notified the FBI about the scam.

Tokyo Online Security: US Leads The World In Online Fraud

Global retailers can expect 12 per cent growth in online fraudulent activity in the upcoming holiday season, compared with the same period last year — and lower ticket prices on fraudster-targeted gifts and products.

That’s the analysis which falls out of new benchmark data from ACI Worldwide.

The data, based on hundreds of millions of transactions from retailers globally, provides advice that merchants can leverage to protect against fraudulent activity this holiday season.

·         Card Not Present (CNP) global online fraud attempt rates are expected to increase 12 per cent by volume over the same peak holiday period in 2015 — with sales to increase by nearly the same rate (13 per cent) in 2016.

o   Fraud and new business growth are rising at the same rate globally.

·         S. CNP fraud attempt rates are expected to increase by 43 per cent by volume.

o   Following the US adoption of EMV chip cards, which protects card data through encryption, fraud is shifting online as fraudsters are more effectively deterred from in-store fraud.

·         The 2015 trend of lower ticket prices will continue in 2016, due to alternative shipping methods (e.g. buy online/pick-up in-store), low-priced electronics and promotions.

o   In the US, attempted fraud average ticket value (ATV), or a retailer’s average size of individual sales by credit card, is expected to decline from $239 to $219, an 8 per cent decrease.

o   Fraudsters are expected to focus on cosmetics, cordless headphones, sneakers and other lower-priced items (including ‘Gift with Purchase’ products) that can be easily resold on the black market or via auction websites

According to Mike Braatz, chief product officer, ACI Worldwide, “Fraud is increasing at a rate nearly equal to general retail growth globally — and is exponentially increasing in the US, due to a seismic shift from in-store to online activity.”

He added, “Because fraudulent activity is now considered to be an everyday occurrence, consumers and merchants must take every precaution as we head into peak holiday shopping season.”

Fraud will peak on Christmas Eve with nearly 2.5 per cent fraud, due to the popularity of gift cards and last-minute shopping via buy online-pick up in-store

“Merchants need to understand their peak days and the sales that drive those high velocity times to ensure risk strategies are effective and efficient,” said Braatz. “It’s important to prioritize real-time fraud detection without alienating the consumer experience.”